Cybersecurity

A New Approach to Cybersecurity


Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.

We have all become far too aware of the challenges and risks that cyber threats pose to our organizations and their supply chains. We also know that our organizations are only as secure as our suppliers. While, to date, there has been a lot of focus on supply chain vulnerabilities, the actual problem area is more complex than that. As such, we must expand our problem scope to the entire security posture of our suppliers, who will almost certainly have different levels of cybersecurity maturity and capabilities.

  • How can you ensure that your suppliers are adequately protected and aligned with your cybersecurity standards and objectives?
  • How can you leverage the collective knowledge and resources of your supply chain to enhance your cybersecurity posture and resilience?

The answer is supplier collective defense. Supplier collective defense is an approach that moves beyond looking at vulnerability risk. It aims to enhance the cybersecurity posture of both large enterprises and their suppliers by sharing information and best practices across the supply chain. Let’s take a closer look at what supplier collective defense is, why it’s essential, and how it can be implemented using existing standards and technologies.

Supplier Collective Defense: A New Approach to Cybersecurity


The ‘What’ and ‘Why’ of Supplier Collective Defense

Supplier security is among the most critical aspects of a supply chain. Suppliers are often responsible for implementing and maintaining the IT systems and processes that support the organization’s operations. They also have access to sensitive or proprietary information that attackers could exploit. Therefore, suppliers need effective cybersecurity controls in place to protect their own systems and data as well as those of their customers. However, these organizations may lack the resources, expertise, or awareness to implement adequate cybersecurity measures. They may also face challenges in keeping up with the evolving threat landscape and complying with various standards and regulations. As a result, they become more susceptible to cyber-attacks that could affect not only their own operations but also those of their customers.

This is where supplier collective defense comes in. Supplier collective defense is an approach that aims to enhance the cybersecurity posture of both large enterprises and their suppliers by sharing information and best practices across the supply chain.  By working together as a team against common threats, both parties can achieve greater resilience and security than they could individually. A rising tide lifts all boats, right?

Supplier collective defense has several benefits for both large enterprises and their suppliers. Among these, it:

  • Reduces the risk of supply chain disruption caused by cyber-attacks. By sharing threat intelligence findings, detection rules, incident response plans, and other defensive information with suppliers in real-time or near-real-time, large enterprises help them detect and mitigate potential attacks before cyber-criminals cause significant damage.
  • Improves the efficiency and effectiveness of cybersecurity operations. By leveraging each other’s resources, large enterprises help their suppliers access tools, training, guidance, and support that may not otherwise be accessible. This allows them to improve their skills, capabilities, performance, and compliance.
  • Fosters trust and collaboration between large enterprises and their suppliers. By sharing information openly and transparently, large enterprises help their suppliers understand their expectations and requirements. This helps them build stronger relationships based on mutual respect and cooperation.

Practical Applications

One example of how supplier collective defense can up-level a vendor’s supply chain is by taking advantage of the Sigma format to share detection rules. Sharing detection rules in this way helps secure the supply chain by enabling consistent, scalable, and interoperable cyber threat detection across different log sources and SIEM systems. Sigma is a generic and open signature format that allows users to describe relevant log events in a straightforward manner. By using Sigma, an enterprise SOC can share their detection rules with their suppliers in a machine-readable and vendor-neutral way, allowing them to apply the same detection logic to their own log data. This helps the suppliers identify and respond to potential attacks faster and more effectively, reducing the risk of supply chain compromise.

Sigma can also help the enterprise SOC to leverage the detection rules developed by other sources, such as ISACs, ISAOs, or open repositories, to improve their own threat visibility and coverage – and it also compliments the use of existing standards such as the OASIS STIX and TAXII for exchanging threat intelligence information, enhancing the collaboration and coordination between the enterprise SOC and the suppliers.

Tapping into Tested and Trusted Collaboration

Supplier collective defense is not a novel concept but rather an extension and adaptation of existing practices and frameworks that ISACs and ISAOs have pioneered. These bidirectional threat intelligence-sharing organizations have demonstrated the value and feasibility of sharing cyber threat information and best practices among trusted partners and communities. By applying the same principles and mechanisms to the supply chain, large enterprises and their suppliers can enhance their cybersecurity posture and resilience while reducing the risk of supply chain disruption that cyber-attacks cause.

Supplier collective defense is not only a technical solution.  It’s also a strategic and cultural one. It requires a shift in mindset – from viewing suppliers as potential liabilities, to viewing them as valuable allies. It also requires a commitment to collaboration, coordination, and communication across the supply chain. By embracing supplier collective defense, organizations can gain a competitive edge in the market while ensuring business continuity in times of crisis.



Source

Related Articles

Back to top button